CoA server conception

Yuriy Ivkin y.ivkin at corp.rtln.ru
Fri Mar 3 14:07:56 UTC 2023 

Greetings Alan!

Thank you for your answer!

 >  The next step is for you to figure out WHEN you want to send CoA 
packets.

Some thing like this ?

update coa {
        User-Name = "%{User-Name}"
        Acct-Session-Id = "%{Acct-Session-Id}"
        NAS-IP-Address = "%{NAS-IP-Address}"
}

if(User-Name != ""){
         update control {
             Send-CoA-Request = "%{sql: SELECT 
sendCoaForUser('%{User-Name}')}"
         }
} else {
         update control {
                 Send-CoA-Request = Yes
         }
}

03.03.2023 16:55, Alan DeKok пишет:
> On Mar 3, 2023, at 8:43 AM, Yuriy Ivkin<y.ivkin at corp.rtln.ru>  wrote:
>> After few hours of googling I think I understood.
>    The documentation tries to be as clear as possible.  But it assumes some familiarity with RADIUS.
>
>> The only not clear thing: how freeradius deside to send a CoA message or not ?
>    It doesn't.  *You* update the configuration to say "please send a CoA packet".
>
>    There are two "coa" related visual servers:
>
> coa
> 	receive CoA packets and do whatever you want with them
>
> coa-relay
> 	receive CoA packets, look up user information in a DB, and proxy them to the NAS.
>
>    From your previous message:
>
>> For example, I have a NAS server with configured coa port. I can send a disconnect request directly into it. If I configure a coa server on a freeradius server, will I be able to send a disconnect request to the freeradius instead and that is all?
>    The user is connected to the NAS, not to FreeRADIUS.  Sending a CoA packet to FreeRADIUS (and not to the NAS) will do nothing.
>
>> What is the "Simply update the  "coa" list" means ? Changing of a site configuration in accounting section like this
>    That is what it says.
>
>> Will the CoA message be generated in response for every acct request of active sessions ? That has no sense...
>    The point is not to send a CoA packet on every accounting request.  The point is to document HOW to send CoA packets.  The next step is for you to figure out WHEN you want to send CoA packets.  And then write the policy:
>
>
> 	if (... I need to send a CoA packet) {
> 		update coa {
> 			...
> 		}
> 	}
>
>    As with almost everything in the server, we don't (and can't) document every possible policy.  We can't provide a default configuration which works for everyone, and does what everyone wants.
>
>    Instead, we document how the server works.  It's up to you to figure out how to turn that into local policies.
>
>    Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? Seehttp://www.freeradius.org/list/users.html

-- 
Best regards,
Yuriy Ivkin

Right Line LLC
Telephone: +7 499 517 9695
Address: Varshavskoe highway 26, office 213
Site:https://rtln.ru

More information about the Freeradius-Users mailing list